{ "schemaVersion": "1.0", "item": { "slug": "sui-coverage", "name": "Sui Coverage", "source": "tencent", "type": "skill", "category": "ę•°ę®åˆ†ęž", "sourceUrl": "https://clawhub.ai/EasonC13/sui-coverage", "canonicalUrl": "https://clawhub.ai/EasonC13/sui-coverage", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/sui-coverage", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=sui-coverage", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "analyze.py", "analyze_source.py", "parse_bytecode.py", "parse_source.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/sui-coverage" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/sui-coverage", "agentPageUrl": "https://openagent3.xyz/skills/sui-coverage/agent", "manifestUrl": "https://openagent3.xyz/skills/sui-coverage/agent.json", "briefUrl": "https://openagent3.xyz/skills/sui-coverage/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Sui Coverage Skill", "body": "Analyze and automatically improve Sui Move test coverage with security analysis.\n\nGitHub: https://github.com/EasonC13-agent/sui-skills/tree/main/sui-coverage" }, { "title": "Install Sui CLI", "body": "# macOS (recommended)\nbrew install sui\n\n# Other platforms: see official docs\n# https://docs.sui.io/guides/developer/getting-started/sui-install\n\nVerify:\n\nsui --version" }, { "title": "Quick Reference", "body": "# Location of tools (adjust to your skill installation path)\nSKILL_DIR=/skills/sui-coverage\n\n# Full workflow\ncd /path/to/move/package\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md" }, { "title": "Step 1: Run Coverage Analysis", "body": "cd \nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md" }, { "title": "Step 2: Read the Coverage Report", "body": "Read the generated coverage.md to identify:\n\nšŸ”“ Uncalled functions - Functions never executed\nšŸ”“ Uncovered assertions - assert!() failure paths not tested\nšŸ”“ Uncovered branches - if/else paths not taken" }, { "title": "Step 3: Write Missing Tests", "body": "For each uncovered item, write a test:\n\nA. Uncalled Function\n\n#[test]\nfun test_() {\n // Setup\n let mut ctx = tx_context::dummy();\n // Call the uncovered function\n (...);\n // Assert expected behavior\n}\n\nB. Assertion Failure Path (expect_failure)\n\n#[test]\n#[expected_failure(abort_code = )]\nfun test__fails_when_() {\n let mut ctx = tx_context::dummy();\n // Setup state that triggers the assertion failure\n ();\n}\n\nC. Branch Coverage (if/else)\n\n#[test]\nfun test__when_() { ... }\n\n#[test] \nfun test__when_() { ... }" }, { "title": "Step 4: Verify Coverage Improved", "body": "sui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m " }, { "title": "1. analyze_source.py (Primary Tool)", "body": "python3 $SKILL_DIR/analyze_source.py --module [options]\n\nOptions:\n -m, --module Module name (required)\n -p, --path Package path (default: .)\n -o, --output Output file (e.g., coverage.md)\n --json JSON output\n --markdown Markdown to stdout" }, { "title": "2. analyze.py (LCOV Statistics)", "body": "sui move coverage lcov\npython3 $SKILL_DIR/analyze.py lcov.info -f \"\" -s sources/\n\nOptions:\n -f, --filter Filter by path pattern\n -s, --source-dir Source directory for context\n -i, --issues-only Only show files with issues\n -j, --json JSON output" }, { "title": "3. parse_bytecode.py (Low-level)", "body": "sui move coverage bytecode --module | python3 $SKILL_DIR/parse_bytecode.py" }, { "title": "Testing Assertion Failures", "body": "// Source code:\npublic fun withdraw(balance: &mut u64, amount: u64) {\n assert!(*balance >= amount, EInsufficientBalance); // ā† This failure path\n *balance = *balance - amount;\n}\n\n// Test for the failure path:\n#[test]\n#[expected_failure(abort_code = EInsufficientBalance)]\nfun test_withdraw_insufficient_balance() {\n let mut balance = 50;\n withdraw(&mut balance, 100); // Should fail: 50 < 100\n}" }, { "title": "Testing All Branches", "body": "// Source code:\npublic fun classify(value: u64): u8 {\n if (value == 0) {\n 0\n } else if (value < 100) {\n 1\n } else {\n 2\n }\n}\n\n// Tests for all branches:\n#[test]\nfun test_classify_zero() {\n assert!(classify(0) == 0, 0);\n}\n\n#[test]\nfun test_classify_small() {\n assert!(classify(50) == 1, 0);\n}\n\n#[test]\nfun test_classify_large() {\n assert!(classify(100) == 2, 0);\n}" }, { "title": "Testing Object Lifecycle", "body": "#[test]\nfun test_full_lifecycle() {\n let mut ctx = tx_context::dummy();\n \n // Create\n let obj = create(&mut ctx);\n assert!(get_value(&obj) == 0, 0);\n \n // Modify\n increment(&mut obj);\n assert!(get_value(&obj) == 1, 0);\n \n // Destroy\n destroy(obj);\n}" }, { "title": "Error Code Reference", "body": "When writing #[expected_failure] tests, use the error constant name:\n\n// If the module defines:\nconst EInvalidInput: u64 = 1;\nconst ENotAuthorized: u64 = 2;\n\n// Use in test:\n#[expected_failure(abort_code = EInvalidInput)]\nfun test_invalid_input() { ... }\n\n// Or use the module-qualified name:\n#[expected_failure(abort_code = my_module::EInvalidInput)]\nfun test_invalid_input() { ... }" }, { "title": "Example: Full Auto-Coverage Session", "body": "# 1. Analyze current coverage\ncd /path/to/my_package\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m my_module -o coverage.md\n\n# 2. Review what's missing\ncat coverage.md\n# Shows:\n# - decrement() not called\n# - assert!(value > 0, EValueZero) failure not tested\n\n# 3. Add tests to sources/my_module.move or tests/my_module_tests.move\n# (write the missing tests)\n\n# 4. Verify improvement\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m my_module\n\n# 5. Repeat until 100% coverage" }, { "title": "Integration with Agent Workflow", "body": "When asked to improve test coverage:\n\nRun analysis - Get current coverage state\nRead source - Understand the module's logic\nIdentify gaps - List uncovered functions/branches/assertions\nSecurity review - Analyze for vulnerabilities while writing tests\nWrite tests - Create tests for each gap + security edge cases\nReport findings - Document any security concerns discovered\nVerify - Re-run coverage to confirm improvement\n\nAlways commit test improvements:\n\ngit add sources/ tests/\ngit commit -m \"Improve test coverage for \"" }, { "title": "Security Analysis During Testing", "body": "Writing tests = Understanding the contract = Finding vulnerabilities\n\nWhen writing tests, actively look for these issues:" }, { "title": "1. Access Control", "body": "Questions to ask:\n- Who can call this function?\n- Should there be owner/admin checks?\n- Can unauthorized users manipulate state?\n\nRed flags:\n- Public functions that modify critical state without checks\n- Missing capability/witness patterns" }, { "title": "2. Integer Overflow/Underflow", "body": "Questions to ask:\n- What happens at u64::MAX?\n- What happens when subtracting from 0?\n- Are arithmetic operations checked?\n\nTest pattern:\n#[test]\nfun test_overflow_boundary() {\n // Test with max values\n}" }, { "title": "3. State Manipulation", "body": "Questions to ask:\n- Can state be left in inconsistent state?\n- Are all state changes atomic?\n- Can partial failures corrupt data?\n\nRed flags:\n- Multiple state changes without rollback\n- Shared objects without proper locking" }, { "title": "4. Economic Exploits", "body": "Questions to ask:\n- Can someone extract more value than deposited?\n- Are there rounding errors that can be exploited?\n- Flash loan attack vectors?\n\nRed flags:\n- Price calculations without slippage protection\n- Unbounded loops over user-controlled data" }, { "title": "5. Denial of Service", "body": "Questions to ask:\n- Can someone block legitimate users?\n- Are there unbounded operations?\n- Can storage be filled maliciously?\n\nRed flags:\n- Vectors that grow unbounded\n- Loops over external data" }, { "title": "Security Report Template", "body": "When analyzing a module, generate a security report:\n\n## Security Analysis: \n\n### Summary\n- Risk Level: [Low/Medium/High/Critical]\n- Issues Found: X\n\n### Findings\n\n#### [SEVERITY] Issue Title\n- **Location:** Line XX\n- **Description:** What the issue is\n- **Impact:** What could happen\n- **Recommendation:** How to fix\n\n### Tested Edge Cases\n- [ ] Overflow at max values\n- [ ] Underflow at zero\n- [ ] Unauthorized access attempts\n- [ ] Empty/null inputs\n- [ ] Reentrancy scenarios" }, { "title": "Example: Security-Aware Test", "body": "// SECURITY: Testing that non-owner cannot withdraw\n#[test]\n#[expected_failure(abort_code = ENotOwner)]\nfun test_unauthorized_withdraw() {\n // Setup: Create vault owned by ALICE\n // Action: BOB tries to withdraw\n // Expected: Should fail with ENotOwner\n}\n\n// SECURITY: Testing overflow protection\n#[test]\nfun test_deposit_overflow_protection() {\n // Deposit near u64::MAX\n // Verify no overflow occurs\n}\n\n// SECURITY: Testing economic invariant\n#[test]\nfun test_total_supply_invariant() {\n // After any operations:\n // sum(all_balances) == total_supply\n}" }, { "title": "Full Workflow with Security", "body": "# 1. Coverage analysis\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md\n\n# 2. While writing tests, document security findings\n# Create SECURITY.md alongside coverage.md\n\n# 3. After tests pass, summarize:\n# - Coverage: X% ā†’ 100%\n# - Security issues found: N\n# - Recommendations: ..." }, { "title": "Related Skills", "body": "This skill is part of the Sui development skill suite:\n\nSkillDescriptionsui-decompileFetch and read on-chain contract source codesui-moveWrite and deploy Move smart contractssui-coverageAnalyze test coverage with security analysissui-agent-walletBuild and test DApps frontend\n\nWorkflow:\n\nsui-decompile ā†’ sui-move ā†’ sui-coverage ā†’ sui-agent-wallet\n Study Write Test & Audit Build DApps\n\nAll skills: https://github.com/EasonC13-agent/sui-skills" } ], "body": "Sui Coverage Skill\n\nAnalyze and automatically improve Sui Move test coverage with security analysis.\n\nGitHub: https://github.com/EasonC13-agent/sui-skills/tree/main/sui-coverage\n\nPrerequisites\nInstall Sui CLI\n# macOS (recommended)\nbrew install sui\n\n# Other platforms: see official docs\n# https://docs.sui.io/guides/developer/getting-started/sui-install\n\n\nVerify:\n\nsui --version\n\nQuick Reference\n# Location of tools (adjust to your skill installation path)\nSKILL_DIR=/skills/sui-coverage\n\n# Full workflow\ncd /path/to/move/package\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md\n\nWorkflow: Auto-Improve Test Coverage\nStep 1: Run Coverage Analysis\ncd \nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md\n\nStep 2: Read the Coverage Report\n\nRead the generated coverage.md to identify:\n\nšŸ”“ Uncalled functions - Functions never executed\nšŸ”“ Uncovered assertions - assert!() failure paths not tested\nšŸ”“ Uncovered branches - if/else paths not taken\nStep 3: Write Missing Tests\n\nFor each uncovered item, write a test:\n\nA. Uncalled Function\n#[test]\nfun test_() {\n // Setup\n let mut ctx = tx_context::dummy();\n // Call the uncovered function\n (...);\n // Assert expected behavior\n}\n\nB. Assertion Failure Path (expect_failure)\n#[test]\n#[expected_failure(abort_code = )]\nfun test__fails_when_() {\n let mut ctx = tx_context::dummy();\n // Setup state that triggers the assertion failure\n ();\n}\n\nC. Branch Coverage (if/else)\n#[test]\nfun test__when_() { ... }\n\n#[test] \nfun test__when_() { ... }\n\nStep 4: Verify Coverage Improved\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m \n\nTools\n1. analyze_source.py (Primary Tool)\npython3 $SKILL_DIR/analyze_source.py --module [options]\n\nOptions:\n -m, --module Module name (required)\n -p, --path Package path (default: .)\n -o, --output Output file (e.g., coverage.md)\n --json JSON output\n --markdown Markdown to stdout\n\n2. analyze.py (LCOV Statistics)\nsui move coverage lcov\npython3 $SKILL_DIR/analyze.py lcov.info -f \"\" -s sources/\n\nOptions:\n -f, --filter Filter by path pattern\n -s, --source-dir Source directory for context\n -i, --issues-only Only show files with issues\n -j, --json JSON output\n\n3. parse_bytecode.py (Low-level)\nsui move coverage bytecode --module | python3 $SKILL_DIR/parse_bytecode.py\n\nCommon Patterns\nTesting Assertion Failures\n// Source code:\npublic fun withdraw(balance: &mut u64, amount: u64) {\n assert!(*balance >= amount, EInsufficientBalance); // ā† This failure path\n *balance = *balance - amount;\n}\n\n// Test for the failure path:\n#[test]\n#[expected_failure(abort_code = EInsufficientBalance)]\nfun test_withdraw_insufficient_balance() {\n let mut balance = 50;\n withdraw(&mut balance, 100); // Should fail: 50 < 100\n}\n\nTesting All Branches\n// Source code:\npublic fun classify(value: u64): u8 {\n if (value == 0) {\n 0\n } else if (value < 100) {\n 1\n } else {\n 2\n }\n}\n\n// Tests for all branches:\n#[test]\nfun test_classify_zero() {\n assert!(classify(0) == 0, 0);\n}\n\n#[test]\nfun test_classify_small() {\n assert!(classify(50) == 1, 0);\n}\n\n#[test]\nfun test_classify_large() {\n assert!(classify(100) == 2, 0);\n}\n\nTesting Object Lifecycle\n#[test]\nfun test_full_lifecycle() {\n let mut ctx = tx_context::dummy();\n \n // Create\n let obj = create(&mut ctx);\n assert!(get_value(&obj) == 0, 0);\n \n // Modify\n increment(&mut obj);\n assert!(get_value(&obj) == 1, 0);\n \n // Destroy\n destroy(obj);\n}\n\nError Code Reference\n\nWhen writing #[expected_failure] tests, use the error constant name:\n\n// If the module defines:\nconst EInvalidInput: u64 = 1;\nconst ENotAuthorized: u64 = 2;\n\n// Use in test:\n#[expected_failure(abort_code = EInvalidInput)]\nfun test_invalid_input() { ... }\n\n// Or use the module-qualified name:\n#[expected_failure(abort_code = my_module::EInvalidInput)]\nfun test_invalid_input() { ... }\n\nExample: Full Auto-Coverage Session\n# 1. Analyze current coverage\ncd /path/to/my_package\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m my_module -o coverage.md\n\n# 2. Review what's missing\ncat coverage.md\n# Shows:\n# - decrement() not called\n# - assert!(value > 0, EValueZero) failure not tested\n\n# 3. Add tests to sources/my_module.move or tests/my_module_tests.move\n# (write the missing tests)\n\n# 4. Verify improvement\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m my_module\n\n# 5. Repeat until 100% coverage\n\nIntegration with Agent Workflow\n\nWhen asked to improve test coverage:\n\nRun analysis - Get current coverage state\nRead source - Understand the module's logic\nIdentify gaps - List uncovered functions/branches/assertions\nSecurity review - Analyze for vulnerabilities while writing tests\nWrite tests - Create tests for each gap + security edge cases\nReport findings - Document any security concerns discovered\nVerify - Re-run coverage to confirm improvement\n\nAlways commit test improvements:\n\ngit add sources/ tests/\ngit commit -m \"Improve test coverage for \"\n\nSecurity Analysis During Testing\n\nWriting tests = Understanding the contract = Finding vulnerabilities\n\nWhen writing tests, actively look for these issues:\n\n1. Access Control\nQuestions to ask:\n- Who can call this function?\n- Should there be owner/admin checks?\n- Can unauthorized users manipulate state?\n\nRed flags:\n- Public functions that modify critical state without checks\n- Missing capability/witness patterns\n\n2. Integer Overflow/Underflow\nQuestions to ask:\n- What happens at u64::MAX?\n- What happens when subtracting from 0?\n- Are arithmetic operations checked?\n\nTest pattern:\n#[test]\nfun test_overflow_boundary() {\n // Test with max values\n}\n\n3. State Manipulation\nQuestions to ask:\n- Can state be left in inconsistent state?\n- Are all state changes atomic?\n- Can partial failures corrupt data?\n\nRed flags:\n- Multiple state changes without rollback\n- Shared objects without proper locking\n\n4. Economic Exploits\nQuestions to ask:\n- Can someone extract more value than deposited?\n- Are there rounding errors that can be exploited?\n- Flash loan attack vectors?\n\nRed flags:\n- Price calculations without slippage protection\n- Unbounded loops over user-controlled data\n\n5. Denial of Service\nQuestions to ask:\n- Can someone block legitimate users?\n- Are there unbounded operations?\n- Can storage be filled maliciously?\n\nRed flags:\n- Vectors that grow unbounded\n- Loops over external data\n\nSecurity Report Template\n\nWhen analyzing a module, generate a security report:\n\n## Security Analysis: \n\n### Summary\n- Risk Level: [Low/Medium/High/Critical]\n- Issues Found: X\n\n### Findings\n\n#### [SEVERITY] Issue Title\n- **Location:** Line XX\n- **Description:** What the issue is\n- **Impact:** What could happen\n- **Recommendation:** How to fix\n\n### Tested Edge Cases\n- [ ] Overflow at max values\n- [ ] Underflow at zero\n- [ ] Unauthorized access attempts\n- [ ] Empty/null inputs\n- [ ] Reentrancy scenarios\n\nExample: Security-Aware Test\n// SECURITY: Testing that non-owner cannot withdraw\n#[test]\n#[expected_failure(abort_code = ENotOwner)]\nfun test_unauthorized_withdraw() {\n // Setup: Create vault owned by ALICE\n // Action: BOB tries to withdraw\n // Expected: Should fail with ENotOwner\n}\n\n// SECURITY: Testing overflow protection\n#[test]\nfun test_deposit_overflow_protection() {\n // Deposit near u64::MAX\n // Verify no overflow occurs\n}\n\n// SECURITY: Testing economic invariant\n#[test]\nfun test_total_supply_invariant() {\n // After any operations:\n // sum(all_balances) == total_supply\n}\n\nFull Workflow with Security\n# 1. Coverage analysis\nsui move test --coverage --trace\npython3 $SKILL_DIR/analyze_source.py -m -o coverage.md\n\n# 2. While writing tests, document security findings\n# Create SECURITY.md alongside coverage.md\n\n# 3. After tests pass, summarize:\n# - Coverage: X% ā†’ 100%\n# - Security issues found: N\n# - Recommendations: ...\n\nRelated Skills\n\nThis skill is part of the Sui development skill suite:\n\nSkill\tDescription\nsui-decompile\tFetch and read on-chain contract source code\nsui-move\tWrite and deploy Move smart contracts\nsui-coverage\tAnalyze test coverage with security analysis\nsui-agent-wallet\tBuild and test DApps frontend\n\nWorkflow:\n\nsui-decompile ā†’ sui-move ā†’ sui-coverage ā†’ sui-agent-wallet\n Study Write Test & Audit Build DApps\n\n\nAll skills: https://github.com/EasonC13-agent/sui-skills" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/EasonC13/sui-coverage", "publisherUrl": "https://clawhub.ai/EasonC13/sui-coverage", "owner": "EasonC13", "version": "1.1.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/sui-coverage", "downloadUrl": "https://openagent3.xyz/downloads/sui-coverage", "agentUrl": "https://openagent3.xyz/skills/sui-coverage/agent", "manifestUrl": "https://openagent3.xyz/skills/sui-coverage/agent.json", "briefUrl": "https://openagent3.xyz/skills/sui-coverage/agent.md" } }